change_sqlpass for qmailtoaster

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

change_sqlpass for qmailtoaster

Rajesh M-3
hi

i was able to adapt the change_sqlpass plugin to suit vpopmail mysql database of qmailtoaster wherein the domains are created as domain_com.

however i got stuck at one specific point

as per the details in the config file the variable : %3 returns the domain name as : domainname.com

how do i get domainname.com within a variable so that i can replace dot with underscore ie domainname.com with domainname_com

for example i tried to use : $domainname = %3; but php throws a blank page.

if i use %3 within sql select query the domain name (domainname.com) is returned correctly.

i am not a php programmer but have a very basic knowledge only.

my change_sqlpass config file is quoted below

any help would be greatly appreciated. i am trying to figure this for so many weeks now and i am stuck at the very last step.

rajesh


<?php

/**
  * SquirrelMail Change SQL Password Plugin
  * Copyright (C) 2001-2002 Tyler Akins
  *              2002 Thijs Kinkhorst <[hidden email]>
  *              2002-2005 Paul Lesneiwski <[hidden email]>
  * This program is licensed under GPL. See COPYING for details
  *
  * @package plugins
  * @subpackage Change SQL Password
  *
  */


  // Global Variables, don't touch these unless you want to break the plugin
  //
  global $csp_dsn, $password_update_queries, $lookup_password_query,
          $force_change_password_check_query, $password_encryption,
          $csp_salt_query, $csp_salt_static, $csp_secure_port,
          $csp_non_standard_http_port, $csp_delimiter, $csp_debug,
          $min_password_length, $max_password_length, $include_digit_in_password,
          $include_uppercase_letter_in_password, $include_lowercase_letter_in_password,
          $include_nonalphanumeric_in_password;



  // csp_dsn
  //
  // Theoretically, any SQL database supported by Pear should be supported
  // here.  The DSN (data source name) must contain the information needed
  // to connect to your database backend. A MySQL example is included below.
  // For more details about DSN syntax and list of supported database types,
  // please see:
  //  http://pear.php.net/manual/en/package.database.db.intro-dsn.php
  //
  //$csp_dsn = 'mysql://user:password@localhost/email_users';
$csp_dsn = 'mysql://vpopmail:xxxxxx@localhost/vpopmail';


  // lookup_password_query
  //
  // This plugin will always verify the user's old password
  // against their login password, but an extra check can also
  // be done against the database for more security if you
  // desire.  If you do not need the extra password check,
  // make sure this setting is empty.
  //
  // This is a query that returns a positive value if a user
  // and password pair are found in the database.
  //
  // This query should return one value (one row, one column), the
  // value being ideally a one or a zero, simply indicating that
  // the user/password pair does in fact exist in the database.
  //
  //  %1 in this query will be replaced with the full username
  //      (including domain), such as "[hidden email]"
  //  %2 in this query will be replaced with the username (without
  //      any domain portion), such as "jose"
  //  %3 in this query will be replaced with the domain name,
  //      such as "example.com"
  //  %4 in this query will be replaced with the current (old)
  //      password in whatever encryption format is needed per other
  //      plugin configuration settings (Note that the syntax of
  //      the password will be provided depending on your encryption
  //      choices, so you NEVER need to provide quotes around this
  //      value in the query here.)
  //  %5 in this query will be replaced with the current (old)
  //      password in unencrypted plain text.  If you do not use any
  //      password encryption, %4 and %5 will be the same values,
  //      except %4 will have double quotes around it and %5 will not.
  //


//$domainname = %3;
//$tablename = str_replace(".","_",$domainname);

  //$lookup_password_query = '';
  // TERRIBLE SECURITY: $lookup_password_query = 'SELECT count(*) FROM users WHERE username = "%1" AND plain_password = "%5"';
//  $lookup_password_query = 'SELECT count(*) FROM users WHERE username = "%1" AND crypt_password = %4';

// $lookup_password_query = 'SELECT count(*) FROM $tablename WHERE pw_name = "%2" AND pw_domain = "%3" AND pw_passwd = %4';

$lookup_password_query = 'SELECT count(*) FROM mydomain_com WHERE pw_name = "%2" AND pw_passwd = %4';





  // password_update_queries
  //
  // An array of SQL queries that will all be executed
  // whenever a password change attempt is made.
  //
  // Any number of queries may be included here.
  // The queries will be executed in the order given here.
  //
  //  %1 in all queries will be replaced with the full username
  //      (including domain), such as "[hidden email]"
  //  %2 in all queries will be replaced with the username (without
  //      any domain portion), such as "jose"
  //  %3 in all queries will be replaced with the domain name,
  //      such as "example.com"
  //  %4 in all queries will be replaced with the new password
  //      in whatever encryption format is needed per other
  //      plugin configuration settings (Note that the syntax of
  //      the password will be provided depending on your
  //      encryption choices, so you NEVER need to provide quotes
  //      around this value in the queries here.)
  //  %5 in all queries will be replaced with the new password
  //      in unencrypted plain text - BEWARE!  If you do not use
  //      any password encryption, %4 and %5 will be the same
  //      values, except %4 will have double quotes around it
  //      and %5 will not.
  //
  $password_update_queries = array(

'UPDATE mydomain_com SET pw_passwd = %4 WHERE pw_name = "%2"',
'UPDATE mydomain_com SET pw_clear_passwd = %5 WHERE pw_name = "%2"',

//            'UPDATE users SET crypt_password = %4 WHERE username = "%1"',
//            'UPDATE user_flags SET force_change_pwd = 0 WHERE username = "%1"',
//            'UPDATE users SET crypt_password = %4, force_change_pwd = 0 WHERE username = "%1"',
                                  );



  // force_change_password_check_query
  //
  // A query that checks for a flag that indicates if a user
  // should be forced to change their password.  This query
  // should return one value (one row, one column) which is
  // zero if the user does NOT need to change their password,
  // or one if the user should be forced to change it now.
  //
  // This setting should be an empty string if you do not wish
  // to enable this functionality.
  //
  //  %1 in this query will be replaced with the full username
  //      (including domain), such as "[hidden email]"
  //  %2 in this query will be replaced with the username (without
  //      any domain portion), such as "jose"
  //  %3 in this query will be replaced with the domain name,
  //      such as "example.com"
  //
  //$force_change_password_check_query = 'SELECT IF(force_change_pwd = "yes", 1, 0) FROM users WHERE username = "%1"';
  //$force_change_password_check_query = 'SELECT force_change_pwd FROM users WHERE username = "%1"';
  $force_change_password_check_query = '';



  // password_encryption
  //
  // What encryption method do you use to store passwords
  // in your database?  Please use one of the following,
  // exactly as you see it:
  //
  //  NONE          Passwords are stored as plain text only
  //  MYSQLPWD      Passwords are stored using the MySQL password() function
  //  MYSQLENCRYPT  Passwords are stored using the MySQL encrypt() function
  //  PHPCRYPT      Passwords are stored using the PHP crypt() function
  //  MD5CRYPT      Passwords are stored using encrypted MD5 algorithm
  //  MD5          Passwords are stored as MD5 hash
  //
  //$password_encryption = 'MYSQLPWD';

$password_encryption = 'MD5CRYPT';


  // csp_salt_query
  // csp_salt_static
  //
  // Encryption types that need a salt need to know where to get
  // that salt.  If you have a constant, known salt value, you
  // should define it in $csp_salt_static.  Otherwise, leave that
  // value empty and define a value for the $csp_salt_query.
  //
  // Leave both values empty if you do not need (or use) salts
  // to encrypt your passwords.
  //
  // The query should return one value (one row, one column) which
  // is the salt value for the current user's password.  This
  // query is ignored if $csp_salt_static is anything but empty.
  //
  //  %1 in this query will be replaced with the full username
  //      (including domain), such as "[hidden email]"
  //  %2 in this query will be replaced with the username (without
  //      any domain portion), such as "jose"
  //  %3 in this query will be replaced with the domain name,
  //      such as "example.com"
  //
  //$csp_salt_static = 'LEFT(crypt_password, 2)';
  //$csp_salt_static = '"a4"';  // use this format with MYSQLENCRYPT
  //$csp_salt_static = '$2$blowsomefish$';  // use this format with PHPCRYPT

$csp_salt_static = '';


  //$csp_salt_query = 'SELECT SUBSTRING_INDEX(crypt_password, '$', 1) FROM users WHERE username = "%1"';
  //$csp_salt_query = 'SELECT SUBSTRING(crypt_password, (LENGTH(SUBSTRING_INDEX(crypt_password, '$', 2)) + 2)) FROM users WHERE username = "%1"';
//  $csp_salt_query = 'SELECT salt FROM users WHERE username = "%1"';
  //$csp_salt_query = '';

$csp_salt_query = 'SELECT SUBSTRING(pw_passwd,4,9) FROM mydomain_com WHERE pw_name = "%2"';


  // csp_secure_port
  //
  // You may ensure that SSL encryption is used during password
  // change by setting this to the port that your HTTPS is served
  // on (443 is typical).  Set to zero if you do not wish to force
  // an HTTPS connection when users are changing their passwords.
  //
  // You may override this value for certain domains, users, or
  // service levels through the Virtual Host Login (vlogin) plugin
  // by setting a value(s) for $vlogin_csp_secure_port in the vlogin
  // configuration.
  //
  $csp_secure_port = 0;
  //$csp_secure_port = 443;



  // csp_non_standard_http_port
  //
  // If you serve standard HTTP web requests on a non-standard
  // port (anything other than port 80), you should specify that
  // port number here.  Set to zero otherwise.
  //
  // You may override this value for certain domains, users, or
  // service levels through the Virtual Host Login (vlogin) plugin
  // by setting a value(s) for $vlogin_csp_non_standard_http_port
  // in the vlogin configuration.
  //
  //$csp_non_standard_http_port = 8080;
  $csp_non_standard_http_port = 0;



  // min_password_length
  // max_password_length
  // include_digit_in_password
  // include_uppercase_letter_in_password
  // include_lowercase_letter_in_password
  // include_nonalphanumeric_in_password
  //
  // You can set the minimum and maximum password lengths that
  // you accept or leave those settings as zero to indicate that
  // no limit should be applied.
  //
  // Turn on any of the other settings here to check that the
  // new password contains at least one digit, upper case letter,
  // lower case letter and/or one non-alphanumeric character.
  //
  $min_password_length = 8;
  $max_password_length = 12;
  $include_digit_in_password = 1;
  $include_uppercase_letter_in_password = 1;
  $include_lowercase_letter_in_password = 1;
  $include_nonalphanumeric_in_password = 0;



  // csp_delimiter
  //
  // if your system has usernames with something other than
  // an "@" sign separating the user and domain portion,
  // specify that character here
  //
  //$csp_delimiter = '|';
  $csp_delimiter = '@';



  // debug mode
  //
  $csp_debug = 0;



?>




------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Reply | Threaded
Open this post in threaded view
|

Re: change_sqlpass for qmailtoaster

Rajesh M-3
paul

can you help please

rajesh

----- Original Message -----
From: Rajesh M [mailto:[hidden email]]
To: [hidden email]
Sent: Thu, 15 Jan 2015 06:45:35 +0530
Subject: [SM-USERS] change_sqlpass for qmailtoaster

hi

i was able to adapt the change_sqlpass plugin to suit vpopmail mysql database of qmailtoaster wherein the domains are created as domain_com.

however i got stuck at one specific point

as per the details in the config file the variable : %3 returns the domain name as : domainname.com

how do i get domainname.com within a variable so that i can replace dot with underscore ie domainname.com with domainname_com

for example i tried to use : $domainname = %3; but php throws a blank page.

if i use %3 within sql select query the domain name (domainname.com) is returned correctly.

i am not a php programmer but have a very basic knowledge only.

my change_sqlpass config file is quoted below

any help would be greatly appreciated. i am trying to figure this for so many weeks now and i am stuck at the very last step.

rajesh


<?php

/**
  * SquirrelMail Change SQL Password Plugin
  * Copyright (C) 2001-2002 Tyler Akins
  *              2002 Thijs Kinkhorst <[hidden email]>
  *              2002-2005 Paul Lesneiwski <[hidden email]>
  * This program is licensed under GPL. See COPYING for details
  *
  * @package plugins
  * @subpackage Change SQL Password
  *
  */


  // Global Variables, don't touch these unless you want to break the plugin
  //
  global $csp_dsn, $password_update_queries, $lookup_password_query,
          $force_change_password_check_query, $password_encryption,
          $csp_salt_query, $csp_salt_static, $csp_secure_port,
          $csp_non_standard_http_port, $csp_delimiter, $csp_debug,
          $min_password_length, $max_password_length, $include_digit_in_password,
          $include_uppercase_letter_in_password, $include_lowercase_letter_in_password,
          $include_nonalphanumeric_in_password;



  // csp_dsn
  //
  // Theoretically, any SQL database supported by Pear should be supported
  // here.  The DSN (data source name) must contain the information needed
  // to connect to your database backend. A MySQL example is included below.
  // For more details about DSN syntax and list of supported database types,
  // please see:
  //  http://pear.php.net/manual/en/package.database.db.intro-dsn.php
  //
  //$csp_dsn = 'mysql://user:password@localhost/email_users';
$csp_dsn = 'mysql://vpopmail:xxxxxx@localhost/vpopmail';


  // lookup_password_query
  //
  // This plugin will always verify the user's old password
  // against their login password, but an extra check can also
  // be done against the database for more security if you
  // desire.  If you do not need the extra password check,
  // make sure this setting is empty.
  //
  // This is a query that returns a positive value if a user
  // and password pair are found in the database.
  //
  // This query should return one value (one row, one column), the
  // value being ideally a one or a zero, simply indicating that
  // the user/password pair does in fact exist in the database.
  //
  //  %1 in this query will be replaced with the full username
  //      (including domain), such as "[hidden email]"
  //  %2 in this query will be replaced with the username (without
  //      any domain portion), such as "jose"
  //  %3 in this query will be replaced with the domain name,
  //      such as "example.com"
  //  %4 in this query will be replaced with the current (old)
  //      password in whatever encryption format is needed per other
  //      plugin configuration settings (Note that the syntax of
  //      the password will be provided depending on your encryption
  //      choices, so you NEVER need to provide quotes around this
  //      value in the query here.)
  //  %5 in this query will be replaced with the current (old)
  //      password in unencrypted plain text.  If you do not use any
  //      password encryption, %4 and %5 will be the same values,
  //      except %4 will have double quotes around it and %5 will not.
  //


//$domainname = %3;
//$tablename = str_replace(".","_",$domainname);

  //$lookup_password_query = '';
  // TERRIBLE SECURITY: $lookup_password_query = 'SELECT count(*) FROM users WHERE username = "%1" AND plain_password = "%5"';
//  $lookup_password_query = 'SELECT count(*) FROM users WHERE username = "%1" AND crypt_password = %4';

// $lookup_password_query = 'SELECT count(*) FROM $tablename WHERE pw_name = "%2" AND pw_domain = "%3" AND pw_passwd = %4';

$lookup_password_query = 'SELECT count(*) FROM mydomain_com WHERE pw_name = "%2" AND pw_passwd = %4';





  // password_update_queries
  //
  // An array of SQL queries that will all be executed
  // whenever a password change attempt is made.
  //
  // Any number of queries may be included here.
  // The queries will be executed in the order given here.
  //
  //  %1 in all queries will be replaced with the full username
  //      (including domain), such as "[hidden email]"
  //  %2 in all queries will be replaced with the username (without
  //      any domain portion), such as "jose"
  //  %3 in all queries will be replaced with the domain name,
  //      such as "example.com"
  //  %4 in all queries will be replaced with the new password
  //      in whatever encryption format is needed per other
  //      plugin configuration settings (Note that the syntax of
  //      the password will be provided depending on your
  //      encryption choices, so you NEVER need to provide quotes
  //      around this value in the queries here.)
  //  %5 in all queries will be replaced with the new password
  //      in unencrypted plain text - BEWARE!  If you do not use
  //      any password encryption, %4 and %5 will be the same
  //      values, except %4 will have double quotes around it
  //      and %5 will not.
  //
  $password_update_queries = array(

'UPDATE mydomain_com SET pw_passwd = %4 WHERE pw_name = "%2"',
'UPDATE mydomain_com SET pw_clear_passwd = %5 WHERE pw_name = "%2"',

//            'UPDATE users SET crypt_password = %4 WHERE username = "%1"',
//            'UPDATE user_flags SET force_change_pwd = 0 WHERE username = "%1"',
//            'UPDATE users SET crypt_password = %4, force_change_pwd = 0 WHERE username = "%1"',
                                  );



  // force_change_password_check_query
  //
  // A query that checks for a flag that indicates if a user
  // should be forced to change their password.  This query
  // should return one value (one row, one column) which is
  // zero if the user does NOT need to change their password,
  // or one if the user should be forced to change it now.
  //
  // This setting should be an empty string if you do not wish
  // to enable this functionality.
  //
  //  %1 in this query will be replaced with the full username
  //      (including domain), such as "[hidden email]"
  //  %2 in this query will be replaced with the username (without
  //      any domain portion), such as "jose"
  //  %3 in this query will be replaced with the domain name,
  //      such as "example.com"
  //
  //$force_change_password_check_query = 'SELECT IF(force_change_pwd = "yes", 1, 0) FROM users WHERE username = "%1"';
  //$force_change_password_check_query = 'SELECT force_change_pwd FROM users WHERE username = "%1"';
  $force_change_password_check_query = '';



  // password_encryption
  //
  // What encryption method do you use to store passwords
  // in your database?  Please use one of the following,
  // exactly as you see it:
  //
  //  NONE          Passwords are stored as plain text only
  //  MYSQLPWD      Passwords are stored using the MySQL password() function
  //  MYSQLENCRYPT  Passwords are stored using the MySQL encrypt() function
  //  PHPCRYPT      Passwords are stored using the PHP crypt() function
  //  MD5CRYPT      Passwords are stored using encrypted MD5 algorithm
  //  MD5          Passwords are stored as MD5 hash
  //
  //$password_encryption = 'MYSQLPWD';

$password_encryption = 'MD5CRYPT';


  // csp_salt_query
  // csp_salt_static
  //
  // Encryption types that need a salt need to know where to get
  // that salt.  If you have a constant, known salt value, you
  // should define it in $csp_salt_static.  Otherwise, leave that
  // value empty and define a value for the $csp_salt_query.
  //
  // Leave both values empty if you do not need (or use) salts
  // to encrypt your passwords.
  //
  // The query should return one value (one row, one column) which
  // is the salt value for the current user's password.  This
  // query is ignored if $csp_salt_static is anything but empty.
  //
  //  %1 in this query will be replaced with the full username
  //      (including domain), such as "[hidden email]"
  //  %2 in this query will be replaced with the username (without
  //      any domain portion), such as "jose"
  //  %3 in this query will be replaced with the domain name,
  //      such as "example.com"
  //
  //$csp_salt_static = 'LEFT(crypt_password, 2)';
  //$csp_salt_static = '"a4"';  // use this format with MYSQLENCRYPT
  //$csp_salt_static = '$2$blowsomefish$';  // use this format with PHPCRYPT

$csp_salt_static = '';


  //$csp_salt_query = 'SELECT SUBSTRING_INDEX(crypt_password, '$', 1) FROM users WHERE username = "%1"';
  //$csp_salt_query = 'SELECT SUBSTRING(crypt_password, (LENGTH(SUBSTRING_INDEX(crypt_password, '$', 2)) + 2)) FROM users WHERE username = "%1"';
//  $csp_salt_query = 'SELECT salt FROM users WHERE username = "%1"';
  //$csp_salt_query = '';

$csp_salt_query = 'SELECT SUBSTRING(pw_passwd,4,9) FROM mydomain_com WHERE pw_name = "%2"';


  // csp_secure_port
  //
  // You may ensure that SSL encryption is used during password
  // change by setting this to the port that your HTTPS is served
  // on (443 is typical).  Set to zero if you do not wish to force
  // an HTTPS connection when users are changing their passwords.
  //
  // You may override this value for certain domains, users, or
  // service levels through the Virtual Host Login (vlogin) plugin
  // by setting a value(s) for $vlogin_csp_secure_port in the vlogin
  // configuration.
  //
  $csp_secure_port = 0;
  //$csp_secure_port = 443;



  // csp_non_standard_http_port
  //
  // If you serve standard HTTP web requests on a non-standard
  // port (anything other than port 80), you should specify that
  // port number here.  Set to zero otherwise.
  //
  // You may override this value for certain domains, users, or
  // service levels through the Virtual Host Login (vlogin) plugin
  // by setting a value(s) for $vlogin_csp_non_standard_http_port
  // in the vlogin configuration.
  //
  //$csp_non_standard_http_port = 8080;
  $csp_non_standard_http_port = 0;



  // min_password_length
  // max_password_length
  // include_digit_in_password
  // include_uppercase_letter_in_password
  // include_lowercase_letter_in_password
  // include_nonalphanumeric_in_password
  //
  // You can set the minimum and maximum password lengths that
  // you accept or leave those settings as zero to indicate that
  // no limit should be applied.
  //
  // Turn on any of the other settings here to check that the
  // new password contains at least one digit, upper case letter,
  // lower case letter and/or one non-alphanumeric character.
  //
  $min_password_length = 8;
  $max_password_length = 12;
  $include_digit_in_password = 1;
  $include_uppercase_letter_in_password = 1;
  $include_lowercase_letter_in_password = 1;
  $include_nonalphanumeric_in_password = 0;



  // csp_delimiter
  //
  // if your system has usernames with something other than
  // an "@" sign separating the user and domain portion,
  // specify that character here
  //
  //$csp_delimiter = '|';
  $csp_delimiter = '@';



  // debug mode
  //
  $csp_debug = 0;



?>




____________________
------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
____________________
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users


------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Reply | Threaded
Open this post in threaded view
|

Re: change_sqlpass for qmailtoaster

Paul Lesniewski
In reply to this post by Rajesh M-3
On 1/14/15, Rajesh M <[hidden email]> wrote:

> hi
>
> i was able to adapt the change_sqlpass plugin to suit vpopmail mysql
> database of qmailtoaster wherein the domains are created as domain_com.
>
> however i got stuck at one specific point
>
> as per the details in the config file the variable : %3 returns the domain
> name as : domainname.com
>
> how do i get domainname.com within a variable so that i can replace dot with
> underscore ie domainname.com with domainname_com

https://dev.mysql.com/doc/refman/5.5/en/string-functions.html#function_replace

You should use this in your FROM clauses also if you intend to serve
users on more than one domain.

> for example i tried to use : $domainname = %3; but php throws a blank page.

http://www.squirrelmail.org/docs/admin/admin-11.html#ss11.1


--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php

------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Reply | Threaded
Open this post in threaded view
|

Re: change_sqlpass for qmailtoaster

Rajesh M-3
In reply to this post by Rajesh M-3
paul

i tried various options but not able to get it

1) $lookup_password_query = 'SELECT count(*) FROM %3 WHERE pw_name = %2 AND pw_passwd = %4'; --- this works as intended
%3 is replaced with domain name. xxxxx.com in the query below. database error occurs because the table name  xxxxx_com

DATABASE ERROR: could not lookup old password: SELECT count(*) FROM xxxxx.com WHERE pw_name = abc AND pw_passwd = "$1$yfkAbvF9$6ymDsb.crSYktxV80y3OR/"
---- DB Error: insufficient permissions

but what i need is xxxxx_com

2) as advised i tried to implement the replace function -- ie replace dot with underscore in xxxxx.com
$lookup_password_query = 'SELECT count(*) FROM  REPLACE(%3,".","_")  WHERE pw_name = "%2" AND pw_passwd = %4';
 but does not work and shows a blank page.

3) i tried to assign %3 to a variable and tried to use that in sql query but does not work. throws blank page.
Even a simple echo %3; does not work
It should display xxxxx.com but instead throws a blank page.

i enabled allowoverride all in display_errors in php.ini  and modified apache as advised but no error comes up

rajesh



----- Original Message -----
From: Paul Lesniewski [mailto:[hidden email]]
To: [hidden email]
Sent: Mon, 19 Jan 2015 11:31:21 -0800
Subject: Re: [SM-USERS] change_sqlpass for qmailtoaster

On 1/14/15, Rajesh M <[hidden email]> wrote:

> hi
>
> i was able to adapt the change_sqlpass plugin to suit vpopmail mysql
> database of qmailtoaster wherein the domains are created as domain_com.
>
> however i got stuck at one specific point
>
> as per the details in the config file the variable : %3 returns the domain
> name as : domainname.com
>
> how do i get domainname.com within a variable so that i can replace dot with
> underscore ie domainname.com with domainname_com
https://dev.mysql.com/doc/refman/5.5/en/string-functions.html#function_replace

You should use this in your FROM clauses also if you intend to serve
users on more than one domain.

> for example i tried to use : $domainname = %3; but php throws a blank page.

http://www.squirrelmail.org/docs/admin/admin-11.html#ss11.1


--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php

------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users


------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Reply | Threaded
Open this post in threaded view
|

Re: change_sqlpass for qmailtoaster

Paul Lesniewski
Please stop top-posting and quote your replies correctly.  It's the
least you can do for free software and free support.  Have a read of
the mailing list posting guidelines as you should already have done
when you subscribed.

>>> i was able to adapt the change_sqlpass plugin to suit vpopmail mysql
>>> database of qmailtoaster wherein the domains are created as domain_com.
>>>
>>> however i got stuck at one specific point
>>>
>>> as per the details in the config file the variable : %3 returns the
>>> domain
>>> name as : domainname.com
>>>
>>> how do i get domainname.com within a variable so that i can replace dot
>>> with
>>> underscore ie domainname.com with domainname_com
>>
>> https://dev.mysql.com/doc/refman/5.5/en/string-functions.html#function_replace
>>
>> You should use this in your FROM clauses also if you intend to serve
>> users on more than one domain.
>>
>>> for example i tried to use : $domainname = %3; but php throws a blank
>>> page.
>>
>> http://www.squirrelmail.org/docs/admin/admin-11.html#ss11.1
>
> i tried various options but not able to get it
>
> 1) $lookup_password_query = 'SELECT count(*) FROM %3 WHERE pw_name = %2 AND
> pw_passwd = %4'; --- this works as intended
> %3 is replaced with domain name. xxxxx.com in the query below. database
> error occurs because the table name  xxxxx_com
>
> DATABASE ERROR: could not lookup old password: SELECT count(*) FROM
> xxxxx.com WHERE pw_name = abc AND pw_passwd =
> "$1$yfkAbvF9$6ymDsb.crSYktxV80y3OR/"
> ---- DB Error: insufficient permissions

Insufficient permissions does not sound like an error having to do
with wrong table name, but who knows.  You'd better make sure.

> but what i need is xxxxx_com
>
> 2) as advised i tried to implement the replace function -- ie replace dot
> with underscore in xxxxx.com
> $lookup_password_query = 'SELECT count(*) FROM  REPLACE(%3,".","_")  WHERE
> pw_name = "%2" AND pw_passwd = %4';
>  but does not work and shows a blank page.

So fix the blank page.  You probably made a syntax error with your
quoting.  Pay attention to overrides like .htaccess.

> 3) i tried to assign %3 to a variable and tried to use that in sql query but
> does not work. throws blank page.
> Even a simple echo %3; does not work
> It should display xxxxx.com but instead throws a blank page.
>
> i enabled allowoverride all in display_errors in php.ini  and modified
> apache as advised but no error comes up

Maybe you need to pay a consultant to help you.  The information you
need to fix the problem has already been provided, now it's on you to
do the right thing with it in your environment.

--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php

------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users